SAP FS-RBD Missing Authorization Check Vulnerability in IBS Module Allowing Privilege Escalation

Vulnerability

A vulnerability exists in an IBS module of SAP FS-RBD, where an authenticated user with low privileges can exploit a missing authorization check. The flaw lets the user perform actions beyond their intended permissions. The impact on integrity is low, and confidentiality and availability are not affected.

Impact

Exploitation of this vulnerability could result in unauthorized actions being performed, potentially altering data or system states in a way that undermines the integrity of the application.

Remediation

Users are advised to review and implement the SAP Security Note associated with this vulnerability. This can be done through the SAP for Me platform, as part of the monthly SAP Security Patch Day.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 0.6
exploitability: 5.2
remediation: 0.0
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.